Rule Library

Sigma Rules

2 rules found for "KevTheHermit"

3,707Total

3,116Detection

451Emerging

137Hunting

Filters

Type

Severity

Status

Product

Suspicious Rejected SMB Guest Logon From IP

Detect Attempt PrintNightmare (CVE-2021-1675) Remote code execution in Windows Spooler Service

Windowssmbclient-security

TA0006 · Credential AccessT1110.001 · Password Guessing

Florian Roth (Nextron Systems)+2Wed Jun 30windows

Emerging Threathightest

Possible CVE-2021-1675 Print Spooler Exploitation

Detects events of driver load errors in print service logs that could be a sign of successful exploitation attempts of print spooler vulnerability CVE-2021-1675

Windowsprintservice-admin

TA0002 · ExecutionT1569 · System Servicescve.2021-1675detection.emerging-threats

Florian Roth (Nextron Systems)+3Wed Jun 302021